upstream release: https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html
Ready for QA!
Assignee: chb0 => qa-bugs
Strange, I do not see it in i.e https://ftp.acc.umu.se/mirror/mageia/distrib/9/x86_64/media/tainted/updates_testing/
CC: (none) => fri
thats because its only built in cauldron testing before I locked it down for svn branching...
Whiteboard: (none) => MGA9TOO
Assigning back to packager to fix up mga9 update. (I see you pushed a rebuild of 116.0.5845.96 to updates_testing, but that one is already in mga9 release. also, remember when assigning updates to QA, you _must_ list packages to test... not point to an upstream blog about a new version... cauldron 116.0.5845.110 package is moved to release from testing
Assignee: qa-bugs => chb0Version: Cauldron => 9Whiteboard: MGA9TOO => (none)
(In reply to Thomas Backlund from comment #4) > Assigning back to packager to fix up mga9 update. > > (I see you pushed a rebuild of 116.0.5845.96 to updates_testing, but that > one is already in mga9 release. > > also, remember when assigning updates to QA, you _must_ list packages to > test... not point to an upstream blog about a new version... > > > > cauldron 116.0.5845.110 package is moved to release from testing Hi. Yes, sorry for that. I usually do so but I was too quick here. Here you go then. However, sorry for my ignorance, I am a bit lost here. 116.0.5845.110 was built for MGA9 some days ago. I thought resubmitting would be enough but I overlooked at it. Should I resubmit it or not? ADVISORY NOTICE PROPOSAL ======================== New chromium-browser-stable 116.0.5845.110 fixes bugs and vulnerabilities Description The chromium-browser-stable package has been updated to the 116.0.5845.110 release, fixing 5 vulnerabilities. High CVE-2023-4430: Use after free in Vulkan. Reported by Cassidy Kim(@cassidy6564) on 2023-08-02 High CVE-2023-4429: Use after free in Loader. Reported by Anonymous on 2023-08-03 High CVE-2023-4428: Out of bounds memory access in CSS. Reported by Francisco Alonso (@revskills) on 2023-08-06 High CVE-2023-4427: Out of bounds memory access in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-08-07 Medium CVE-2023-4431: Out of bounds memory access in Fonts. Reported by Microsoft Security Researcher on 2023-08-01 References https://bugs.mageia.org/show_bug.cgi?id=32193 https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html SRPMS 9/tainted chromium-browser-stable-116.0.5845.110-1.mga9.tainted.src.rpm PROVIDED PACKAGES ================= x86_64 chromium-browser-116.0.5845.110-1.mga9.tainted.x86_64.rpm chromium-browser-stable-116.0.5845.110-1.mga9.tainted.x86_64.rpm i586 chromium-browser-116.0.5845.110-1.mga9.tainted.i586.rpm chromium-browser-stable-116.0.5845.110-1.mga9.tainted.i586.rpm
Anyway, let us go now for 116.0.5845.140 https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_29.html
Summary: chromium-browser-stable new security issues fixed in 116.0.5845.110 => chromium-browser-stable new security issues fixed in 116.0.5845.140
ADVISORY NOTICE PROPOSAL ======================== New chromium-browser-stable 116.0.5845.140 fixes bugs and vulnerabilities Description The chromium-browser-stable package has been updated to the 116.0.5845.140 release, fixing 5 vulnerabilities. High CVE-2023-4430: Use after free in Vulkan. Reported by Cassidy Kim(@cassidy6564) on 2023-08-02 High CVE-2023-4429: Use after free in Loader. Reported by Anonymous on 2023-08-03 High CVE-2023-4428: Out of bounds memory access in CSS. Reported by Francisco Alonso (@revskills) on 2023-08-06 High CVE-2023-4427: Out of bounds memory access in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-08-07 Medium CVE-2023-4431: Out of bounds memory access in Fonts. Reported by Microsoft Security Researcher on 2023-08-01 High CVE-2023-4572: Use after free in MediaStream. Reported by fwnfwn(@_fwnfwn) on 2023-08-12 References https://bugs.mageia.org/show_bug.cgi?id=32193 https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_29.html SRPMS 9/tainted chromium-browser-stable-116.0.5845.140-1.mga9.tainted.src.rpm PROVIDED PACKAGES ================= x86_64 chromium-browser-116.0.5845.140-1.mga9.tainted.x86_64.rpm chromium-browser-stable-116.0.5845.140-1.mga9.tainted.x86_64.rpm i586 chromium-browser-116.0.5845.140-1.mga9.tainted.i586.rpm chromium-browser-stable-116.0.5845.140-1.mga9.tainted.i586.rpm
MGA9 - x86_64, Xfce installed - testing working for me. youtube, audio, basic pages.
CC: (none) => brtians1Whiteboard: (none) => MGA9-64-OK
Validating. Advisory in comment 7.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
mga8-64 Plasma, nvidia-current: thumbs up from me too.
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0256.html
Status: NEW => RESOLVEDResolution: (none) => FIXED